Simatic Pcs7@7.1 Security Vulnerabilities and Issues — Simatic Pcs7@7.1 CVE List

Lucene search

SiemensSimatic Pcs77.1

5 matches found

CVE•added 2013/03/21 3:55 p.m.•132 views

CVE-2013-0674

Buffer overflow in the RegReader ActiveX control in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to execute arbitrary code via a long parameter.

6.8CVSS8.1AI score0.02707EPSS

CVE•added 2013/03/21 3:55 p.m.•50 views

CVE-2013-0676

Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, does not properly assign privileges for the database containing WebNavigator credentials, which allows remote authenticated users to obtain sensitive information via a SQL query.

4CVSS6.3AI score0.00211EPSS

CVE•added 2013/03/21 3:55 p.m.•46 views

CVE-2013-0679

Directory traversal vulnerability in the web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote authenticated users to read arbitrary files via vectors involving a query for a pathname.

4CVSS6.4AI score0.00334EPSS

CVE•added 2013/03/21 3:55 p.m.•43 views

CVE-2013-0675

Buffer overflow in CCEServer (aka the central communications component) in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to cause a denial of service via a crafted packet.

6.1CVSS7AI score0.00064EPSS

CVE•added 2013/03/21 3:55 p.m.•40 views

CVE-2013-0677

The web server in Siemens WinCC before 7.2, as used in SIMATIC PCS7 before 8.0 SP1 and other products, allows remote attackers to obtain sensitive information or cause a denial of service via a crafted project file.

5.8CVSS6.7AI score0.00455EPSS